TWiki
>
CF Web
>
DataPublicAccess
(2015-08-27,
BillInce
)
(raw view)
E
dit
A
ttach
---+ CSCF Access to Public Data In general, access to data that is public (to whatever extent), is best mediated by some system. E.g. it's not considered ideal to provide a login to a database system for everyone, even if the visible data is (in theory) quite limited. Doing so would leave it more open to attack than is necessary. So, to provide access to the data for the mediating system, we need an account/userid to control access. The recent (2014-08) direction is to use the userid =cscf-dat= (=cscf-data=) to control access to files that contain database passwords. There can be variants, depending upon the security and source of the data. E.g. we have userid =cscf-ona= which controls access to a password for access to part of the ONA (campus network) data. The Postgres role of =_cscf_web= is expected to be used in general for data that is public, even when it resides in a database that contains private data. E.g. the OAT database mostly contains private data, however it also contains data such as course titles. That's made available to =_cscf_web= for reading via a "view" with very limited data access. The CSCF public data is on a different server, and also uses the same role to control read access. An example of direct =_cscf_web= usage is the tools used for [[CscfTeachingNewTermEmail][Start of Term Email to Instructors]]. It's done that way primarily to avoid having to make a setuid interface to the Perl program involved. An example of =cscf-dat= usage is the [[DataPublicPoC][CSCF Points of Contact]] data, which uses =cscf-dat= to control access to the password for the =_cscf_web= database role in the CSCF public database, as well as in the OAT database (in order to determine course titles). Write access to the CSCF public data is available to those with a database account that's a member of the =_cscf_root= role. Write access to the public OAT data is unavailable directly, as the data is obtained from other source (e.g. the Registrar).
E
dit
|
A
ttach
|
Watch
|
P
rint version
|
H
istory
: r5
<
r4
<
r3
<
r2
<
r1
|
B
acklinks
|
V
iew topic
|
WYSIWYG
|
M
ore topic actions
Topic revision: r5 - 2015-08-27
-
BillInce
CF
Information in this area is meant for use by CSCF staff and is not official documentation, but anybody who is interested is welcome to use it if they find it useful.
CF Web
CF Web Home
Changes
Index
Search
Administration
Communication
Email
Hardware
HelpDeskGuide
Infrastructure
InternalProjects
Linux
MachineNotes
Macintosh
Management
Networking
Printing
Research
Security
Software
Solaris
StaffStuff
TaskGroups
TermGoals
Teaching
UserSupport
Vendors
Windows
XHier
Other Webs
CSEveryBody
Main
Sandbox
TWiki
UW
My links
People
CERAS
WatForm
Tetherless lab
Ubuntu Main.HowTo
eDocs
RGG NE notes
RGG
CS infrastructure
Grad images
Edit
Copyright © 2008-2025 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki?
Send feedback